The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
XML can supply the standard data type in information exchange format on a lot of data generated in running database or applied programs for a company by using the advantage that it can describe meaningful information directly. Accordingly since there are increasing needs for the efficient management and telemedicine security of the massive volume of XML data, it is necessary to develop a secure access...
Access Control over large scale distributed system like Cloud computing are one of the most debated topics of computer security. Despite the common use and the popularity of the Cloud computing paradigm, significant risks and challenges are inherent to this new concept, especially when we talk about storage of sensitive data via insecure network. In this paper we look at the problem of protecting...
Android is a popular operating system on mobile devices, and people care about the security issues of Android very much. Based on the analysis of the defects in Android security mechanism, this paper proposes the design and implementation of an Android File Access Control System that supplies authorization and authentication to the file operations in order to prevent the sensitive files. The simulation...
Multi-policy supporting is a security mechanism which can control security system's action based on more than one policy. This mechanism can enhance the security of system greatly. The exiting typical access control1 models, such as MAC, DAC, RBAC, are not multi-policy supporting. This paper provides a multi-policy supporting access control model (MPSAC). Because of the complexity of applying multiple...
The emergence of XML-based web services as a new software development paradigm increases the expectations of getting better software that address the various collaboration demands over Internet between organizations, or what's termed virtual Organization (VO). The development of appropriate identity management systems between these heterogeneous security domains will be the key enabler for such collaboration...
The primary role of network access control is to decide on the validity of user's identity accepted into the networks and authorization accessed to the particular resource so that users conforming to their established access polices achieve predefined services. This paper presents a specific scenario which supports quality of service (QoS) in network domain. The QoS access rules are based not only...
As demands for treating an access control on the client side, which is conventionally controlled by a server, increase, there is a need to treat query processing effectively and securely in an environment with limited resources. Access control that has been previously performed only focused on safety, and thus not much effort has been done to consider access control in terms of efficiency. This paper...
Nowadays, a new security problem is arising in intranets. The threats from inside an organization account for a rapidly increasing proportion of losses. A new concept of “File View” is proposed to resolve this security problem in intranets, which uses the structure of database view for reference. Because of the differences between file system and database, there are some challenges in extending this...
At present, emerging possibilities for patients to access their health records or health information may potentially lead to changes within the current health care delivery system from an institution-centered to a patient-centered model and an electronic personal health record (PHR) may greatly influence such a shift. However, the use of PHRs does introduce specific challenges in terms of accidental...
NETCONF is a new protocol as the network becomes more and more complexity, which has a better capability administering lots of devices. However, the large scale network brings some trouble for implementing access control especially when administers need to deploy or update policies on each devices. In this regard, the architecture of centralized access control proxy server based on NETCONF is focused,...
For the fact that traditional Access Control models are mostly static, coarsely grained, and not well suited for solving the application in the security of web services. This paper extends access control models by introducing actions based on attribute-based access control. The model avoids the complex structure of multi-attribute and solves the problem that relevant dynamic authorization and permission...
With the rapid development of the process of information of large-scale enterprises and organizations, information integration has become a hot research issue at present. Existing systems usually adopt access control model, such as ACL (access control list), MAC (mandatory access control) or RBAC (role-based access control), which results in the diversity of access control models in system integration...
The loosely coupled nature of service-oriented architectures raises the question how information for access control can be managed in an efficient way. Several specifications for Web services exist to describe security requirements and to facilitate a provision of identity information. However, the integration of different standards regarding the expression of identity information in policies, claims...
With the fast development of high speed wireless technologies and the growing population of mobile portable devices, location information is potentially available for access control systems. Such applications are especially meaningful in emergency situations, where quick responses are urgently required for persons to be physically present in a certain place to perform sensitive tasks without conflicting...
In this paper, we compare three open source access control languages, XACML, JAAS and Java ACL. In addition to a conceptual analysis, we use a Web-based health care system as a common application, in which controlled access is implemented through each of the languages. We compare the languages using standard software metrics, such as reusability, policy expressiveness, extensibility, error handling,...
At present, the electronic document in Intranet is not flexible enough in use. We cannot authorize different paragraphs of one document to different persons in file system. Furthermore, there are two security requirements of e-document: (a) The inadvertent disclosure of the commercial confidential information by legal user causes enormous losses. (b) Once the commercial confidential information is...
Because of the limitations of condition configuration and execution mechanism, the exiting access control models are not flexible and can not support multi-policy. Focusing on this, the paper presents a policy-based access control model (PBAC). Different from the traditional models which restrict session only with subject authorization, PBAC realizes policy-based access control by defining attribute...
As more and more sensitive information gets stored in the form of XML, proper access control to the XML documents becomes increasingly important. Moreover, XML documents may be available to users at certain time periods, and unavailable at others. To tackle such dynamic aspects, this paper proposes a bitmap-indexing scheme in which timed access control decisions can be effectively processed. The form...
XACML is commonly used as a policy exchange mechanism, decision engines are available, and verification tools are under development. However, no support for legacy access control systems exists yet. To explore the feasibility to support legacy systems, we designed and implemented a mapping of the IBMreg Tivolireg Access Manager policy language into XACML. Although the Tivoli Access Manager policy...
That ensuring the electronic documents security is the key to the protection of internal information. With the extent of file sharing enlarged, it is hard to keep balance between the security and sharing. To achieve this goal, file tracing and audit, dynamic adjustment of right must be solved better. In this paper, a electronic document security system based on lineage mechanism is proposed,it support...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.